Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-28 | CVE-2017-17942 | Out-of-bounds Read vulnerability in Libtiff 4.0.9 In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c. | 8.8 |
| 2017-12-28 | CVE-2017-17941 | SQL Injection vulnerability in Single Theater Booking Script Project Single Theater Booking Script 3.2.2 PHP Scripts Mall Single Theater Booking has SQL Injection via the admin/movieview.php movieid parameter. | 7.2 |
| 2017-12-28 | CVE-2017-17939 | Cross-Site Request Forgery (CSRF) vulnerability in Single Theater Booking Script Project Single Theater Booking Script 3.2.2 PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php. | 8.8 |
| 2017-12-28 | CVE-2017-17936 | Cross-Site Request Forgery (CSRF) vulnerability in Vanguard Project Marketplace Digital products PHP Vanguard Marketplace Digital Products PHP has CSRF via /search. | 8.8 |
| 2017-12-28 | CVE-2015-3637 | SQL Injection vulnerability in PHPmybackuppro SQL injection vulnerability in phpMyBackupPro when run in multi-user mode before 2.5 allows remote attackers to execute arbitrary SQL commands via the username and password parameters. | 8.1 |
| 2017-12-27 | CVE-2017-11698 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Network Security Services Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file. | 7.8 |
| 2017-12-27 | CVE-2017-11697 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Network Security Services The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted cert8.db file. | 7.8 |
| 2017-12-27 | CVE-2017-11696 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Network Security Services Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file. | 7.8 |
| 2017-12-27 | CVE-2017-11695 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Network Security Services Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file. | 7.8 |
| 2017-12-27 | CVE-2017-13056 | Improper Input Validation vulnerability in Tracker-Software Pdf-Xchange Viewer 2.5 The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file. | 7.8 |